(12) United States Patent 

I raw et al. 



Illlll 



US006542610B2 

(io) Patent No.: US 6,542,610 B2 
(45) Date of Patent: *Apr. 1, 2003 



(54) CONTENT PROTECTION FOR DIGITAL 
TRANSMISSION SYSTEMS 

(75) Inventors: Chandler Brendan Stanton Traw; 

David Wayne Aucsniith, both of 
Portland, OR (US) 

(73) Assignee: Intel Corporation, Santa Clara, CA 
(US) 

( * ) Notice: This patent issued on a continued pros- 
ecution application filed under 37 CFR 
1.53(d), and is subject to the twenty year 
patent term provisions of 35 U.S.C. 
154(a)(2). 

Subject to any disclaimer, the term of this 
patent is extended or adjusted under 35 
U.S.C. 154(b) by 0 days. 

(21) Appl. No.: 08/909,338 

(22) Filed: Aug. 11, 1997 

(65) Prior Publication Data 

US 2002/0007452 Al Jan. 17, 2002 

Related U.S. Application Data 

(63) Continuation-in-part of application No. 08/791,245, filed on 
.Tan. 30, 1997, now Pat. No. 5,949,877. 

(51) Int. CI. 7 H04L 9/12; H04L 9/16 

(52) U.S. CI , 380/262; 380/260; 380/264; 

713/168; 713/169 

(58) Field of Search 380/4, 28, 49, 

380/201, 264, 268, 271, 286, 260, 262; 
713/1, 100, 150, 151, 168, 169, 189, 156 

(56) References Cited 

U.S. PATENT DOCUMENTS 

4,937,866 A * 6/1990 Crowther et al 380/20 

5,241,598 A * 8/1993 Raith 380/21 

5,473,692 A 12/1995 Davis 380/25 



5,539,828 A 7/1996 Davis 380/50 

5,568,552 A 10/1996 Davis 380/4 

5,621,798 A 4/1997 Aucsniith 380/25 

5,701,464 A 12/1997 Aucsmith 395/610 

5,712,914 A 1/1998 Aucsmith et al 380/30 

5,751,809 A 5/1998 Davis et al 380/23 

5,757,919 A 5/1998 Herbert et al 380/25 

5,796,840 A 8/1998 Davis : 380/50 

5,805,700 A 9/1998 Nardone et al 380/10 

5,805,706 A 9/1998 Davis 380/49 

5,805,712 A 9/1998 Davis 380/50 

5,818,939 A 10/1998 Davis 380/49 

5,825,890 A * 10/1998 Elgamal et al 380/49 

5,828,753 A 10/1998 Davis 380/49 

5,845,116 A * 12/1998 Saito et al 395/673 

5,878,144 A 3/1999 Aucsmith et al 380/30 

5,892,899 A 4/1999 Aucsmith et al 395/186 

5,907,619 A 5/1999 Davis 380/23 

5,926,550 A 7/1999 Davis 380/25 

(List continued on next page.) 

Primary Examiner — Gail Hayes 

Assistant Examiner — Justin T. D arrow 

(74) Attorney, Agent, or Firm — Blakely, Sokoloff, Taylor & 

Zafman LLP 

(57) ABSTRACT 

A method for protecting digital content from copying and/or 
other misuse as it is transferred between one or more 
computationally constrained devices over insecure links, 
includes preliminarily authenticating that both a content 
source and a content sink are compliant devices, and trans- 
ferring content between compliant devices. In a further 
aspect of the invention, in the background, concurrently with 
the transfer of content, at least a second cryptographic 
process is performed. 

In an embodiment, establishing a preliminary control chan- 
nel includes exchanging random challenges between 
devices, encrypting, under a shared secret key, and hashing 
the exchanged random challenges, exchanging the results of 
the encryption and hash functions and then verifying that the 
appropriate results have been generated. 
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CONTENT PROTECTION FOR DIGITAL In an embodiment, establishing a preliminary control 

TRANSMISSION SYSTEMS channel includes exchanging random challenges between 

devices, encrypting, und er a shared secret key, and hashing 

CROSS REFERENCE TO RELATED the exchanged random challenges , exchangin g therasiilts of 

APPLICATIONS 5 th e encryption and hash rmictions and then verifying that th e 

' . . ■ . . . c 4 . 0 * T appropriate results have been generated. 

This is a continuation-in-part ot application 5>er. JNo. r L £ — s — — 

08/791,245, now U.S. Pat. No. 5,949,877 filed Jan. 30, 1997. 0ther features and advantages of the present invention 

will be apparent from the drawing figures, and detailed 

FIELD OF THE INVENTION description that follow. 

10 

The present invention relates generally to digital content BRIEF DESCRIPTION OF THE DRAWINGS 
protection and more particularly to scaleable methods and 

apparatus for secure communication between content FIGS - K a HP) are flow diagrams showing embodiments 

sources and content sinks when either or both are compu- of an authentication process m accordance with the present 

tationally constrained. 15 invention. 

FIG. 2 is a flow diagram showing an embodiment of an 

BACKGROUND authentication process in accordance with the present inven- 

Computer capabilities have increased dramatically in * lon * 

recent years. In addition to traditional computer applications FIGS. 3(a)-(b) are flow diagrams showing an authenti- 

such as word processing and spreadsheet calculations, mod- 20 cation and preliminary control channel key generation in 

ern personal computers (PCs) are typically capable of pro- accordance with the present invention, 

ducing and playing multimedia presentations. FIGS. 4(a)-(b) are flow diagrams showing an authenti- 

Multimedia applications may include materials such as cation process in accordance with the present invention, 

audio, yicjeo or graphic elements that are subject to copy- FIG. 5 is a flow diagram showing establishment of a 

right or contractual restrictions as to use, distribution or the 25 content channel in accordance with the present invention, 

like. Typically, the multimedia content is provided in digital FIG. 6 is a block diagram showing a content source in 

form for use by computers or other digital consumer elec- accordance with the present invention, 

tronic (CE) devices. fig. 7 is a block diagram showing a content sink in 

Many content providers are reluctant to include valuable accordance with the present invention, 

copyrighted material, e.g., fall length motion pictures, for pIG. 8 is a block diagram showing an embodiment of the 

use in multimedia applications because the digital bitstream presenl invention implemented with a software authentica- 

may be intercepted and copied. Unlike analog materials ^ Qn proxv 
which degrade in quality from one copy generation to the 

next, digital copying is capable of producing perfect copies DETAILED DESCRIPTION 

regardless of how many generations of copies are produced. 35 Qf ^ present afe degcribed 

Recent advances in storage technology, particularly digi- be[ow However, it will be understood by those skilled in the 

tal video discs (DVD) have created the ability to store full art mat the present invention may be practiced with only 

length motion pictures on a single small disc. However, some or all 0 f tne present invention. For purposes of 

consumers are unlikely to benefit from such advances unless 40 explanation, specific numbers, materials and configurations 

content providers have a mechanism to distribute digitized are set forth in order t0 provide a thorough understanding of 

versions of their valuable copyrighted material in a manner the present invention. It will also be apparent to those skilled 

that largely eliminates unauthorized copying. in the art that tne present invention may be practiced without 

It is possible to devise strong content protection schemes these specific details, 

for securely transferring digital content between various 45 s ome p0 rtions of the detailed descriptions which follow 

devices. ITiese schemes are often computationally intensive, aro prcS ented in terms of algorithms and sy mbolic reore - 

although modern PCs and customized hardware sentations of operations on data bits within a computer or 

implementations, typically have sufficient computational omer information processing system. These algorithmic 

resources to perform these content protection schemes in a descriptions and representations are the means used by those 

substantially real-time manner. However, in order to meet 50 skilled in the data processing arts to most effectively convey 

manufacturing cost targets, CE devices are often not tne su bstance of their work to others skilled in the art. An 

equipped with the computational resources needed to imple- algorithm is here, and generally, conceived to be a self- 

ment strong content protection schemes in a substantially consistent sequence of steps leading to a desired result. The 

real-time manner. steps are those requiring physical manipulations of physical 

What is needed is a method and apparatus for protecting 55 quantities. Usually, though not necessarily, these quantities 
digital content from copying and/or other misuse as it is take the form of electrical or magnetic signals capable of 
transferred between one or more computationally con- being stored, transferred, combined, compared, and other- 
strained devices over insecure communication links. wise manipulated. It has proven couvenient at times, prin- 
cipally for reasons of common usage, to refer to these 
SUMMARY OF THE INVENTION 6Q s[gm]s ag valuegj elementS) symb ols, characters, terms, 

Briefly, a method of transferring content between one or numbers, or the like. It should be borne in mind, however, 
more computationally constrained devices over insecure that all of these and similar terms are to be associated with 
links, includes preliminarily authenticating that both a con- the appropriate physical quantities and are merely compe- 
tent source and a content sink are compliant devices, trans- nient labels applied to these quantities. Unless specifically 
ferring content between compliant devices, then, in the 65 stated otherwise as apparent from the following discussions, 
background, concurrently with the transfer of content, per- it is to be appreciated that throughout the present invention, 
form at least a second cryptographic process. discussions utilizing terms such as "processing" or "com- 



11/19/04, EAST Version: 2.0.1.4 



US 6,542,610 B2 



puting" or "calculating" or "determining" or "displaying" or 
the like, refer to the action and processes of a computer 
system, or similar electronic computing device, that manipu- 
lates and transforms data represented as physical (e.g., 
electrical) quantities within the computer system's registers 5 
and memories into other data similarly represented as physi- 
cal quantities within the computer system memories or 
registers or other such information storage, transmission or 
display devices. 

Terminology 10 

Baseline Cipher refers to a ci pher algorithm that is 
common tojill compliant devic es. Examples of some well- 
known algorithms that may be used are Blowfish, DES and 
RC-4^ 

Blowfish refers to a block cipher that can be implemented 15 
very efficiently in software on PCs. It is described in, 
"Description of a New Variable* Length Key, 64-Bit Block 
Cipher (Blowfish)/' by B. Schneier, Fast Software 
Encryption, Cambridge Security Workshop Proceedings, 
Springer- Verlag, 1994, pp. 191-204. 20 

Compliant device refers to a device which is capable of 
securely transferring content in accordance with the present 
invention. Typically, the compliant device should have a 
digital certificate signed by a license authority, implement 
anti-tampering measures to reduce the likelihood that details 25 
about the prjvate key an^/ or authentication and key 
ex change mechanisms are readily discernible or altera ble, 
a MTshould avoid transferring protected content unless all 
devices participating in the content transfer have been 
aut hentica ted^ 30 
— CGMSrefers to Copy Generation Management System, a 
well-known format for indicating copy protection status. 

Computationally constrained, as used herein, refers to 
devices that do not have sufficient computational resources 
to perform the processes needed to authenticate compliant 35 
devices and establish secure control and co ntent channel s 
r apidly enou gh such th at protected content can be delivered 
t o a user within an acceptable latency period. The a ccenta'bTe 
length of the latency period varies between individual user s, 
however, substantially real-time operation is generally con - 40 
si dered a desirable goa l . 
/"V Device, as used herein, refers to both traditional consumer 
electronics products including but not limited to DVD 
player/recorders, digital televisions, set top boxes, digital 
satellite services receivers, and similar products, as well as 45 
l applications running on one or more computers. 

DES refers to the Data Encryption Standard a popular, 
symmetric key , standard encryption algorithm. It is a prod- 
uct cipher that operates on .64 bit blocks of data, usin g a 56 
bit key. It is defined in FTPS 46-1 (1988) (which supersedes 50 
FIPS 46 (1977)). PES i s identical to the ANSI standard Data 
Encryption Algorithm (PEA) defined in ANSI X3.92-1981. 

DSA refers to the Digital Signature Algorithm specified in 
the DSS. 

DSS refers to the Digital Signature Standard specified in 55 
FIPS 186 Digital Signature Standard, May 19, 1994, and 
available from NTIS. 

FIPS refers to Federal Information Processing Standards, 
which are United States Government technical standards 
published by the National Institute of Standards and Tech- 60 
nology. Computer-related products bought by the US Gov- 
ernment must conform to these standards. 

JEEE 1394 refers lo I FEE Standard for a High Perfor- 
mance Serial Bus, IEEE Std 1394-1995, Institute of Elec- 
trical and Electronic Engineers, August 30, 1995. 65 

ISO refers to the International Organization for 
Standardization, a voluntary, organization, responsible for 



creating international standards in many areas, including 
computers and communications. 

MPEG is an acronym for Moving Picture Experts Group, 
and refers to an ISO committee that generates standards for 
digital video and audio compression. MPEG also refers to 
the name of algorithms promulgated by the MPEG commit- 
tee. MPEG-1 is optimized for CD-ROM, MPEG-2 for 
broadcast quality video and MPEG-4 for low bandwidth 
video telephony. 

Public key refers to ciphers that use different keys for 
encrypting and decrypting a particular unit of data. 

Symmetric key refer to ciphers that use the same key for 
encrypting and decrypting a particular unit of data. 
Overview 

Embodiments of the present invention provide the ability 
to communicate (that is, transfer, transmit, distribute, or the 
like), prot ected content between devices over otherwi se 
i nsecure communication link s, at varying levels of security. 
In particular, a first level of security is selected that can be 
established quickly by computationally constrained devices. 
Protected content can then be transferred between devices 
while a more secure channel is established in the back- 
ground. In this way even low cost, computationally con- 
strained devices can begin delivering content to a user with 
low latency, FIG. 1(a) illustrates a process embodying the 
present invention where in a step 104, preliminary control 
and content channels are established, and subsequently, in a 
step 106, full control and content channels are established. 

FIG. 1(b) illustrates an alternative embodiment which 
includes a step 102, wherein a determination is made as to 
whether the content source or sink is computationally con- 
strained. If neither of the devices is computationally con- 
strained then the step of establishing preliminary control and 
content channels is bypassed. 

In embodiments of the present invention, when two (or 
more) c ompliant devices are to exch ange protected~conte nt 
a cross a~TommUnicatlons medium, such as an IEEE 1394. 
serial bus ,jhe cr yptographic protocols described herein ar e 
used to protect the content as it traverses the bus. 

Betore any protected content can be exchanged, the 
devices that are to exchange the content must first authen- 
ticate themselves if they have not previousl y d one s o. 
Authenti cation is required to ensure that all ofThe devic es 
that wilFbe handling the protected content are compliant. 
The device authentication and control channel establishment 
process has two phases, first a preliminary authentication, 
followed by a full authentication. The properties of the two 
authentication phases are summarized in the Table 1 . 

TABLE 1 

Authentication Computation Computation Time (CE 

Phase Robustness Time (PC) Microcontroller) 

Preliminary Reasonable 



Full 



High 



less than a milliseconds 
millisecond 

10s of 10s of seconds 

milliseconds 



( 



Following the completion of the preliminary authentica- 
tion phase, an encrypted control channel is establishe d 
between the' authenticated devices . This preliminary control 
c hannel is used to initiate the transfer of protected conten t 
across the bus via encrypted content channels . Ttigj ransfer 
ofc ontent is subject to immediate cancellation if any secu - 
rit yjhreats are detected as the second , highly robust full 
authentication phase continues in the background. 

The choice of symmetric ciphers is flexible to allow a 
range of solutions providing vjiryip g levels nf_s ecnnty T 
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implementation complexity, expense, and performance. In General 
order to ensure interoperability, all compliant devices and 

S^pvlJ-Sign m using DSS with private key X 

applications should support the Baseline Cipher. Device V* [M]=Verify signature of M using DSS with public key 

certificates typically contain a description of the ciphers that X 

are supported by a device. In alternative embodiments, 5 E t K > M]-Encrypt M with key K using baseline cipher 

device certificates specify that the pair of devices being H iSffil . 1 [M]=Add SHA-1 hash to M 

authenticated support variable key length ciphers. In such a |= Concatenation of fields 

case, a key length can be specified along with the type of Digital Transmission Protection Authority 

cipher to be used L ' L ~ ^S 11 * 1 Transmission Protection Authority DSS 

One cipher which can be use as the Baseline cipher or as 10 public/private key P^J 

, , j . i r , t ■ . t~ii ji l_ e=pubhc constant for Dirne-Hellman key exchange 

an alternate supported cipher for this system is Blownsh. ° r , . , , ~ - „ A. *• «• ™«= 

„ , . f i i • . , , t i n /ii//-P u blic prime modulus lor full authentication Dime- 

Blowfish is a block cipher that P-gtggggJ^fY dependent ' Rc n mm key exchange 

peraujation and substitution operations o n 54 b i te of data a t S( =Universal shared secret for Preliminary Authentication 

a jime. In standard implementations of Blowfish, the per- 15 anc | ^ e y excnan g e 

mutation and substitution functions are derived from the Values Shared by Devices 

hexadecimal digits of ji and the specific key being used to K^^Control Channel key generated through Dif&e- 

encrypt/decrypt data. This key can be up to 448 bits long. In Hellman key exchanges 

this content protection system, Blowfish can be modified to K^^^^Random Content Channel key 

allow the use of alternate initialization values for the per- 20 Control__Algo_Select=Selected symmetric cipher algo- 

mutation and substitution functions. Specifically, instead of rithm for a control channel 

7t other values can be used. These values may be randomly Content_Algo_Select=Selected symmetric cipher algo- 

generated and stored in volatile or nonvolatile memory rithm for a content channel 

within a device. Alternatively, these values can be generated For Device X 

in real time or in advance and then distributed as initializa- 25 X\ K'^DSS Public/private key pair 

tion state prior to the use of the cipher. X /z> -Identification Number 

Embodiments of the present invention do not complicate X^-SH A-l hash of software implementation 

the use of CE devices or PC application software for X A«**^^*= Au toonzation Mas k . 

legitimate users. All copy protection mechanisms happen X Cerf »XyJX /ra , A |)^ Mf fc^ ifoJ *|X |S [X /n \X Hash \X Auth _ 

transparently. When a new device is added to the system no 30 ', M ^J V ^ G ,lu^. . * tU ^ 

. , . J4 j • 1 *t. Xk=Random value for the first phase of the Diffie -Hellman 

special actions are required to renew device keys or other- , , r 

wise enable the copy protection mechanisms. The ; authenti- /^ iy Authentication 

cation and key exchange mechanisms automatically handle / Iq a typical em5odiment of me present inventio n, authen- 

the addition of new devices/applications and the establish- £ tication and control messages are sent _ usinglEEE 1394- 

ment of channels between devices. / ^asynchronous transaction s. However, other interconnect 

Referring to FIG. 2, a more detailed embodiment of the technologies such a Ethernet, or cable television plants may 

present invention is illustrated. In a step 202 a preliminary be used. The only requirement is that the interconnect 

control channel is established. In a step 204, a preliminary technology must supp ort bi-directional comrm inkation. 

content channel is established. In a step 206, content transfer 40 In an example of system operation in accordance with the 

over the preliminary content channel is begun. In a step 208, present invention, a compliant device ("Device A") which is 

a full control channel is established in the background. In a a source of protected content (e.g., a DVD player) is 

step 210, a full content channel is established. In steps 212, requested to transmit protected content across a serial bus to 

214, the content transfer over the preliminary content chan- another compliant device ("Device B") which is a sink for 

nel is terminated and content transfer over the full content 45 protected content (e.g., a PC running an MPEG-2 video 

channel is begun. stream decoder). 

Embodiments of the present invention may be imple- When Device A is requested to initiate the transmission of 

mented in hardware, or software executed by a computing p rotected content to Device B . De vice A checks to see if an 

device such as a microcontroller or microprocessor. Well encry pted control channel has already been established 

understood cost and performance trade -offis will guide 50 between the two devices . I f this control channel exis ts, the 

designers in making specific implementation choices. Typi- devices have alre ad y, authenticated each other making fur - 

cally, for CE devices, the authentication and key exchange ther authentication unnecessar y, a nd the d^ vic^ nan imrpft- 

mechanisms should be implemented using software running di atelv establish an encrypted conten ixhannel. If however, 

on an embedded microcontroller, and the channel ciphers t he control channel does not exi st, pre liminary authentica - 

should be implemented in hardware. Typically, for a PC, all 55 tion must be initiated. 

components of the content protection system in accordance The preliminary authentication phase is designed to pro- 
with the present invention may be implemented in software.-^ vide reasonable security for protected content while being 
Preferably a PC that implements the present invention is computationally lightweight in order to maintain user trans- 
protected by anti-tampering techniques. parency. The preliminary authentication phase typically 

Embodiments of the present invention are compatible 60 requires a fraction of a second of computation to complete 

with other copy management technology such as watermark- on a typical CE embedded controller, 

ing. For example, the copy control information can be In an alternative embodiment, a determination is made 

embedded within the content using watermarks. regarding the computational capacity of the current source 

The following notation is used to describe the crypto- and sink. If both the content source and sink have the 

graphic processes of establishing both preliminary and full, 65 computational resources to provide full authentication and 

control and content channels, as well as authentication channel establishment quickly enough to be transparent to a 

processes. user, then, as shown in FIG. 1(6), the preliminary authen- 
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tication phase is bypassed. Typically, when authentication is 
performed between two PCs, the preliminary authentication 
phase is bypassed since sufficient computational resources 
exist to perform the full authentication procedure in a user 
transparent manner. 

In an illustrative embodiment of the present invention, the 
devices exchange challenges, perhaps random challenges 
(A^., B c ) and device certificates (A^.^, B Ce „). Both devices 
respond by encrypting (with key S^) and then hashing the 
other device's challenge. Upon receiving the response to the 
challenge, each device verifies that the appropriate response 
has been received. If the expected value is not returned, a 
security threat has been detected and the system w ilLnot be 
permitted to exchange protected__content . If the random 
cfiallenge is successful, a shared control channel key 
(Kg ^ c j) is^ computed by the devices. 

HO. 3{a) illustrates details of an illustrative embodiment 
of the preliminary authentication process in accordance with 
the present invention. Device A generates a random chal- 
lenge 302, concatenates the random challenge with the 
certificate of Device A to form a data string (M^). and 
transmits 304 M A1 to Device B. Similarly, Device B gen- 
erates a random challenge 303, concatenates the random 
challenge with the certificate of Device B to form a data 
string (M B1 ) and transmits 305 M B1 to Device A. 

Device A encrypts 306 the random challenge received 25 
from Devic e B. This encryption is performed with th e 
Baseline ciphe r using the shared secret key S rr . The result of 
this encryption is then has hed 308 to form a data string 
' (M^J. Device B enc rypts Mil the random challenge 
received fro m Device A. This encryption is performed wi th 30 
theBaseline cipher using the shared s rnrt frfry S v Thr 
"result of this encryption is then hashed 309 to f orm a data 
smng^M^ ' 

"" Data string M A? is transmitted 310 to Device, B where it 
is compared 313 to the expected value . S imilarly, data string 35 
Mg 2 is_transmitte d 3 11 to Device A where it is comparedJ 312 
t o the expected valu e, It both M A ^ and M,„ match the 
ex pected val ues, then a pre liminary control channel key is 
g enerate d 315, 31 6 in both Device A and Device B .J i eithe r 
M A ^ or M OT does not match its expected valu e, the n Devic e 40 
A and Device B can not excha nge protected conte nt 314. 

Both Device A ana Device 1* generate the preliminary 
control channel key by encrypting the random challenge of 
Device A and the random challenge ofDevice B, using the 
Baseline Cipher^ and the secret shared key S^, thenperform- 
ing an exclusive OR operation between the two encrypted 
random challenges 315, 316. This can be described sym- 
bolically as Kpre^ontro^EtS^AjSEtS^BJ. 

In a further embodiment of the present invention, if the 
random challenge generated by Device A and the random 
challenge generated by Device B are equal, then the pre- 
liminary control channel key is set to EpJ^AJ 319, 320. 

With the successful generation of a preliminary control 
channel key a preliminary control channel is established 
322. 

In the case where De vice, A is a,content source and Dev ice 
B is only a conten t sink and can never be a content sourc e, 
then the preliminary authentication procedure can simpl i- 
£ieiL More particularly, as shown in FIG. 3(b), Device A 
generates a random challenge 362, concatenates the random 
challenge- with the certificate of Device A to form a data 
string (M A1 ). and transmits 354 M A1 to Device B. 

Device B encrypts 355 the random challenge received 
from Device A. This encryption is performed with the 
Baseline cipher using the shared secret key The result of 65 
this encryption is then hashed 356 to form a data string 
(M«). 



45 



50 



60 



Data string M B2 is transmitted 357 to Device A where it 
is compared 358 to the expected value. If M m matches the 
expected value, then a preliminary control channel key is 
generated 362, 363 in both Device A and Device B. If M B2 
does not match its expected value, then Device Aand Device 
B cannot exchange protected content 360. 

Both Device A and Device B generate the preliminary 
control channel key by encrypting the random challenge of 
Device A using the Baseline Cipher and the secret shared 
key S^r 362, 363. This can be described symbolically as 
Kpre_control=E[S Uy A c ]. 

To maintain the validity of this authentication mechanism, 
S u must not be made public and must be protected from 
disclosure through reverse engineering. 

Typically, the baseline channel cipher, which is supported 
by all devices, will be used for this preliminary control 
channel. 

In a further embodiment of the present invention, the 
exchanged device certificates can provide property informa- 
tion about the devices being authenticated. For example, one 
property is the level of authentication supported for a given 
system. Full authentication is one option, however other 
conditional access mechanisms could be used as well. 

In an alternative embodiment of the present invention, the 
initial exchange between Device A and Device B (shown at 
304 and 305 in FIG. 3(a)) is modified such that the certifi- 
cates are not concatenated, or transmitted with the random 
challenges. 

Full Authentication and Control Channel Key Exchange 

If required, as soon as the preliminary authentication 
process is successfully completed, an attempt to perform a 
full authentication is begun. 

Following the successful completion of the preliminary 
authentication procedure, each device calculat es a Diffie^. 
Hellman key exchangfe-i kst-phase- value (A„ B v ). The 
"devices then exchange signed messages (M A3 and M B3 ) 
which contain: 1) the other device's random challenge from 
the preliminary authentication (X c ); and 2) the Diffie- 
Hellman key exchange first phase value (Xy). 

An embodiment of the full authentication is illustrated 
with reference to FIG. 4(a). Device A generates a message 
M A3 , and transmits the message to Device B as shown in 
steps 402, 404 and 406. Device B generates a message M B3) 
and transmits the message to Device A (as shown at 403, 405 
and 407). Device A and Device B then process the messages 
(Mff3, M A3 respectively) which have been received by first 
checking the signature on the message by computing V* 1 
[Mj^] with the other device's (device Y's) public key (Y 1 
from Y Ccrr ) to verify that the message has not been tampered 
with. Specifically, Device A determines whether mes- 
sage signature is valid (408) and if not, then a security threat 
has been detected (410) and protected content cannot be 
exchanged. Similarly, Device B determines whether M A3 
message signature is valid (409) and if not, then a security 
threat has been detected (410) and protected content cannot 
be exchanged. 

If the message signatures are valid, the next step is for 
Device A to verify Device B's certificate (412) by comput- 
ing V x [B Cer J and for Device B to verify Device A's 
certificate (413) by computing V L [A^J. If the Digital 
Transmission Protection Authority signature is not valid, the 
device that transmitted the certificate is not a compliant 
device. 

If no errors, or security threats, have occurred up to this 
point, the two devices have authenticated each other (414, 
415). In one embodiment of the present invention a "watch 
dog" timer is used to ensure that the full authentication 
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procedure is completed in a timely manner. Those skilled in number initialized to the least significant 16 bits of and 

the art will recognize that a specific delay value, or range of incremented for each additional message sent. Alternative 

values, can be determined according to the computational embodiments of the present invention can forgo the inclu- 

resources that are being. sion of message elements such as the Cipher initialization 

By calculating mod n FulI (414) and A v Bk mod n Fu!J 5 state or the sequence number initialized to the least signifi- 

(415) for Devices A and B respectively, a new, more robust cant 16 bits of A c . 

key, Kc^^ig** 3 * mod n^,), has been established for the If additional compliant devices desire to receive content 

encrypted control channel. To complete the full authentica- which is already being transmitted, they can request that the 

tion procedure, Device A specifies (416) which channel source device send the values described above via the 

encryption algorithm will be used to protect the Control 10 appropriate control channel. 

Channel. While content is flowing across an encrypted content 

Embodiments of the present invention may compare channel, the copy control information associated with the 

^Auth_Mask (found in B^) with A^^^^ to select the stream can be updated at any time via the control channels) 

strongest encryption algorithm which is mutually supported. between the source device and destination device(s). Upon 

Control_Algo Select is set to the appropriate value and 15 updating the copy control information, the key associated 

transmitted to Device B. In still further embodiments of the with the content channel should also be updated. In addition, 

present invention, a cipher initialization state is transmitted depending on the strength of the channel ciphers, it may be 

to Device B. desirable to change the content channel key on a periodic 

In the case where Device Ais a content source and Device basis. New content channel keys and copy control informa- 

B is only a content sink and can never be a content source, 20 tion can be put into service when an indicator is transmitted 

then the full authentication procedure can simplified. More over the content channel. This copy control information can 

particularly, as shown in FIG. 4(b), where the determinations be embedded in the content stream or as part of a header in 

of Device A's message signature validity and Device A 3 & the IEEE 1394 protocol, such as the CIP header, 

certificate validity are obviated. Therefore the determina- When the source device has completed the transmission 

tions (409, 413) shown in the embodiment of FIG. 4(a) are 25 of the copyrighted content it sends a message to the 

not required. destination(s) via the control channel(s) to terminate the 

To switch over from the preliminary control channel key content channel, 

and baseline cipher to the new key and the cipher specified / Most of the content which this system is intended to 

by ControLAlgo„Select, a message is sent across the < protect is real time in nature. Therefore, if the communica- 

preliminary control channel indicating that all future control 30 tions link used is the IEEE 1394 bus, t hen the pr oteclejd 

channel messages will use the new key and algorithm. c ontent will typically be transferred across the IEEE 139 4 

The control channel remains available as long as both seri al bus isochronou sly. This syste m can also be used to 

devices remain powered up and attached to the communi- protect non-real time content transferred asynchronously 

cations link. The control channel can be repeatedly used to across a commurncaTtPns~rink: " "* 

set up and manage the security of protected content streams 35- — FfGrTshows an example of the operation of an embodi- 

without further authentication. Depending on the strength of ment of the present invention. The source of the content, in 

the channel ciphers, it may be desirable to change the control a step 502, sends a message (as described above), via the 

channel keys on a regular basis. Control channel keys can be previously established control channel, to a compliant des- 

updated using a signed Diffie-Hellman key exchange similar tination device (or devices in the case of a content 

to the one used during the full device authentication process. 40 multicast). 

The computation for these key changes would typically be If additional compliant devices desire to receive content 

a low priority background activity, which would not affect which is already being transmitted, those devices can 

overall device performance. request receipt of the values described above via the control 

The algorithms for both DSS and Diffie-Hellman are channel. A separate control channel is created between each 

public knowledge and have been subject to intensive efforts, 45 source and destination. 

unsuccessful thus far, to break them. From a technical The protected content is transmitted in a step 504. When 

perspective, the only things which must be kept secret for the source has completed the transmission of the protected 

full authentication are the private keys for signing data. All content it sends a message, in a step 506 to the destination(s) 

other aspects of the system can be public. For greater asynchronously via the control channel(s) which terminates 

security however, it is desirable to keep aspects of the 50 the content channel, 

system such as the symmetric cipher algorithm confidential. Compliant System Components 

Content Channel Encryption A compliant system must implement the components 

Exemplary embodiments of the present invention, to described in the following sections. FIG. 6 shows the 

establish an encrypted channel for protected content, can components required for a device which is a source of 

utilize the following procedure once a secure control chan- 55 protected content. FIG. 7 shows the components for a 

nel has been established by the preliminary or full device receiver of protected content. In both FIGS. 6 and 7, the 

authentication procedures. Encryption of the control channel subsystems in boxes with solid outlines are required for 

is performed to preserve the confidentiality of content chan- compliance. Boxes with dashed outlines are subsystems 

nel keys and ensure the integrity of other messages. The which are common to compliant and non-compliant devices, 

source of the content sends a message via the encrypted 60 Marking Subsystem 

control channel to the compliant destination device (or A Marking Subsystem 602 shown in FIG. 6 is present in 

devices in the case of a content multicast). This message systems which are sources of protected content. The primary 

contains: a randomly generated key which is unique for each function is to determine the protection status of the content 

stream of content. (K^,^,); the symmetric cipher to use which is to be transferred across the serial bus. This status 

(Content_Algo_Select); Cipher initialization state; the lso- 65 is then translated into protection requirements which are 

chronous channel associated with the content stream; Copy passed to an Authentication and Key Exchange Subsystem 

Control Information (such as CGMS bits); a sequence 604. 
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Authentication and Key Exchange Subsystem 

"" As shown in FIGS. 6 and 7 an Authentication and Key 
Exchange Subsystem 604, 704 is found in both Senders and 
Receivers of protected content. Authentication and Key 
Exchange Subsystem 604, 704 is responsible for implement- 
ing the protocols which are used to ensure that devices 
exchanging protected content are compliant. The protocol is 
also used to select a channel encryption algorithm and 
exchange the control channel encryption key. 
Channel Encryption Subsystem 

A compliant device that transmits protected content must 
have a Channel Encryption Subsystem 606. Control 
messages, as well as protected content, are encrypted prior 
to transmission. Channel Encryption Subsystem 606 per- 
forms these encryptions. The keys used to encrypt the 
content and commands are passed to Channel Encryption 
Subsystem 606 from Authentication and Key Exchange 
Subsystem 604. Channel Encryption Subsystem 606 may 
support more than one cipher, although for interoperability 
it is preferable that a Baseline Cipher be supported. In a 
typical embodiment of the present invention, Authentication 
and Key Exchange Subsystem 604 specifies the particular 
cipher and key to be used for each packet transmitted. 
Channel Decryption Subsystem 

Acompliant device which receives protected content must 
have a Channel Decryption Subsystem 708. Channel 
Decryption Subsystem 708 decrypts control messages and 
protected content which are received from the serial bus. 
The keys used to decrypt the content and commands are 
passed to Channel Decryption Subsystem 708 from Authen- 
tication and Key Exchange Subsystem 704. Channel 
Decryption Subsystem 708 may support more than one 
cipher, although for interoperability it is preferable that a 
Baseline Cipher be supported. Authentication and Key 
Exch ange Subsvstem7Q4 s pecifies the particular cipher an d 
key to be used t or each packet receiv ed. 
Baseline Cipher 

A Baseline Cipher must be supported by Channel Encryp- 
tion Subsystem 606 and Channel Decryption Subsystem 708 
of all compliant devices. This baseline cipher is required to 
ensure the interoperability of all compliant devices. Addi- 
tional ciphers with other properties such as increased secu- 
rity can also be deployed and used, provided that both the 
source and destination devices support it. Those skilled in 
the art will recognize that many symmetric key ciphers, for 
example DES, are available to for use as a baseline cipher. 
Key Generation at Device Manufacture 

Ideally, each device manufactured will have a uniq ue 
d evice ID and public/private DS S^key pair. With unique 
d evice IDs and DSS ke ys, the Digital Transmission Protec- 
tion Authority will only need to revoke the certificates of the 
specific devices which have been compromised. Other users 
who bought -the same device model and have not violated the 
license agreement would not be effected by this revocation. 
The principle drawback of this scheme may be that the 
manufacture of CE devices is made more complicated. This 
would be the case if no information unique to each copy of 
the device (such as a serial number) is currently pro- 
grammed into it. 

Authentication Softw are Infrastructure 

An illustrative emoodiment JSOO implementing the present 
invention on a PC is shown in FIG. 8. A shared authentica- 
tion proxy 802 on the PC handles all authentication activities 
associated with managing a protected content stream tra- 
versing a serial bus 804 between the PC and other IEEE 
1394 devices 806. This includes not only authenticating 
external devices but also authenticating software compo- 
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nents running on the PC which will source and sink pro- 
tected content streams. The authentication mechanism used 
between the software components running on the PC and 
authentication proxy 802 is typically the same as the one 

5 described above in connection with hardware sources/sinks. 
Each software component which is a source or sink of 
content has a digital certificate and a public/private DSS key 
pair associated with it just like a physical device. 

When a software source or sink is initialized, it performs 
a full authentication with authentication proxy 802. This 
results in the establishment of a secure control channel 
between the software component and the authentication 
proxy. External devices also authenticate themselves with 
the authentication proxy on the PC whenever they need to 
exchange content with the PC. The authentication proxy 

15 passes the control channel key established with an external 
device to the software components that handle the content 
being transmitted or received by that device via the control 
channel between the software component and the authenti- 
cation proxy. The external device and the software compo- 

20 nent can then establish content channels using the control 
channel which is now open between them. 

Alternative embodiments, including ones with no central- 
ized authentication proxy, are possible. If there is no cen- 
tralized authentication proxy, authentication can be per- 

25 formed directly between the software components sourcing 
or sinking the protected content and the external serial bus 
devices. Additional software functionality would be needed 
to ensure that authentication messages get routed correctly 
between an IEEE 1394 software stack and the source/sink 

30 software components being authenticated. 
Conclusion 

Embodiments of the present invention provide a flexible 
system which can support a range of protection levels. 
Digital certificates enable device authentication which in 

35 turn facilitates the exclusion of devices which can circum- 
vent the protection of the content. Furthermore, the content 
itself may be encrypted to ensure that even if it is copied, it 
will be in an unusable format. The present invention allows 
for a high level of content protection which can be imple- 

40 mented with a reasonable level of resources for consumer 
electronics equipment and computer systems. 

Embodiments of the present invention advantageously 
provide strong protection of audio/video content transmitted 
over communications links such as an IEEE 1394 bus. 

45 A further advantage of the present invention is that 
non-compliant devices are unable to transmit or receive 
protected content. 

A still further advantage of the present invention is that it 
is inexpensive to implement in PCs and other consumer 

50 electronic devices. 

It will be understood by those skilled in the art that many 
design choices are possible within the scope of the present 
invention. The present invention is not limited to commu- 
nication via a bit serial link, nor is it limited to a particular 

55 cryptographic algorithm or key length. For example, 
although an illustrative embodiment of the present invention 
is described as using an IEEE 1394 serial bus, the present 
invention is equally applicable to other interconnect tech- 
nologies such as Ethernet, Asynchronous Transfer Mode 

60 (ATM), cable television systems, and telephony networks. 
Also, cryptographic algorithms chosen for the content and 
control channels may be different. Similarly, cryptographic 
algorithms chosen for authentication may be different from 
those described herein. For example, the RSA algorithm can 

65 be used for digital signatures and key exchange. 

The present invention can be embodied as methods and 
apparatuses for practicing those methods. The present inven- 
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tion can also be embodied in the form of computer program 
code embodied in tangible media, such as floppy diskettes, 
CD-ROMs, hard drives, or any other computer-readable 
storage medium, wherein, when the computer program code 
is loaded into and executed by a computer, the computer 5 
becomes an apparatus for practicing the invention. The 
program code encoded in tangible media creates the means 
for causing the computer to perform the various steps of the 
present invention. The present invention can also be embod- 
ied in the form of computer program code, whether stored in 10 
a storage medium loaded into and/or executed by a 
computer, or transmitted over some transmission medium, 
such as over electrical wiring or cabling, through fiber 
optics, or via electromagnetic radiation, wherein, when the 
computer program code is loaded into and executed by a 15 
computer, the computer becomes an apparatus for practicing 
the invention. When implemented on a general purpose 
microprocessor, the computer program code combines with 
the microprocessor to provide a unique device that operates 
analogously to specific circuits. 20 

It will be understood that various changes in the details, 
materials, and arrangements of the parts and steps which 
have been described and illustrated in order to explain the 
nature of this invention may be made by those skilled in the 
art without departing from the principles and scope of the 25 
invention as expressed in the subjoined claims. 

What is claimed is: 

1. A method of transferring content from a content source 
to a content sink, comprising: 

a) exchanging random challenges between the content 30 
source and the content sink; 

b) encrypting the exchanged random challenges with a 
secret key, then hashing the encrypted random chal- 
lenges; 

35 

c) exchanging the encrypted, hashed random challenges; 

d) comparing exchanged encrypted, hashed random chal- 
lenges to expected values; 

e) establishing, if the exchanged encrypted, hashed ran- 
dom challenges match the expected values, a prelimi- 40 
nary control channel. 

f) establishing a preliminary content channel; and 

g) transferring content over the preliminary content chan- 
nel. 

2. The method of claim 1, further comprising: 45 
establishing a full control channel and a full content 

channel. 

3. The method of claim 2, further comprising: 
transferring content over the full content channel. 

4. The method of claim 1, further comprising: 50 
determining whether at least one of a content sink, and a 

content source is computationally constrained. 

5. A method of transferring information, the method 
comprising: 5s 

a) transmitting a first random challenge from a first device 
to a second device, and transmitting a second random 
challenge from the second device to the first device; 

b) in the first device, encrypting, then hashing the second 
random challenge, and in the second device, 60 
encrypting, then hashing the first random challenge; 

c) transmitting the hashed, encrypted, second random 
challenge to the second device, and transmitting the 
hashed, encrypted, first random challenge to the first 
device; 65 

d) in the first device, comparing the hashed, encrypted 
first random challenge to a first expected value, and in 
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the second device comparing the hashed, encrypted 
second random challenge to a second expected value; 

e) if both comparisons in (d) result in a match, then 
establishing a preliminary content channel; and 

f) transferring information over the preliminary content 
channel. 

6. The method of claim 5, further comprising terminating 
information transfer over the preliminary content channel. 

7. The method of claim 5, further comprising establishing 
a full control channel and a full content channel. 

8. A method of transferring information, the method 
comprising: 

a) transmitting a first random challenge from a first device 
to a second device, and transmitting a second random 
challenge from the second device to the first device; 

b) in the first device, encrypting, then hashing the second 
random challenge, and in the second device, 
encrypting, then hashing the first random challenge; 

c) transmitting the hashed, encrypted, second random 
challenge to the second device, and transmitting the 
hashed, encrypted, first random challenge to the first 
device; 

d) in the first device, comparing the hashed, encrypted 
first challenge to a first expected value, and in the 
second device comparing the hashed, encrypted second 
random challenge to a second expected value; 

e) if both comparisons in (d) result in a match, then 
generating a preliminary control channel key to estab- 
lish a preliminary content channel, the generating of the 
preliminary control channel key comprises encrypting 
the first random challenge, encrypting the second ran- 
dom challenge and performing an exclusive OR opera- 
tion on the encrypted first random challenge and the 
encrypted second random challenge; and 

f) transferring information over the preliminary content 
channel. 

9. The method of claim 8, further comprising determining 
if the result of the exclusive OR operation is a zero, and if 
it is, then setting the preliminary control channel key equal 
to the encrypted first challenge. 

10. The method of claim 8, wherein encrypting the first 
challenge comprises performing a baseline cipher operation 
with a secret key. 

11. A method comprising: 

a) conducting a preliminary authentication phase to estab- 
lish an encrypted control channel between a first device 
and a second device; 

b) temporarily transferring content over the encrypted 
control channel; and 

c) conducting a full authentication phase in a background 
while transferring the content over the encrypted con- 
trol channel, the full authentication phase being more 
robust than the preliminary authentication phase. 

12. The method of claim 11, wherein conducting the full 
authentication phase comprises: 

transferring a first message from the first device; 

receiving a second message by the first device, the second 
message including a message signature and a certifi- 
cate; 

determining by the first device that the second message is 
valid; 

verifying by the first device that the certificate is valid; 
and 

calculating a key for maintaining the encrypted control 
channel. 
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13. The method of claim 12, further comprising: 
selecting an channel encryption function to be used in 

connection with the encrypted control channel. 

a) a first program conde to conduct a preliminary authen- 
tication phase to establish an encrypted control channel 5 
between the computer and a remote device; 

b) a second program code to temporarily transfer content 
over the encrypted control channed from the computer; 
and 

c) a third program code to conduct a full authentication 10 
phase in a background while transferring the content 
over the encrypted control channel, the full authenti- 
cation phase being more robust than the preliminary 
authentication phase. 

14. The method of claim 11, wherein the coducting of the 15 
preliminary authentication phase includes encrytion and 
subsequent hashing of random challenges provided by the 
first device and the second device. 

15. A method comprising: 

a) conducting a preliminary authentication phase to estab- 
lish an encrypted control channel between a first device 
and a second device, the conducting of the preliminary 
authentication phase comprises (i) exchanging data 
between the first device and the second device, (ii) 
encrypting the exchanged data and subsequently hash- 
ing the encrypted data, (iii) exchanging the encryted, 
hashed data, (iv) comparing the exchanged encryted, 
hashed data to expected values, and (v) establishing the 
encryted control channel if the exchanged encryted, 
hashed data matches the expected values; 

b) temporarily transferring content over the encryted 
control channel; and 

c) conducting a full authentication phase in a background 
while transferring the content over the encryted control 35 
channel, the full authentication phase being more 
robust than the preliminary authentication phase. 

16. The method of claim 15, wherein the exchanged data 
is encryted with a preliminary control channel key being a 
result of a shared secret key and a random challenge of the 40 
first device encryted with a cipher. 

17. The method of claim 16, wherein the cipher is a 
Baseline Cipher. 

18. The method of claim 15, wherein the exchanged data 

is encryted with a preliminary control channel key being a 45 
result of an Exclusive OR operation on (1) a shared secret 
key and a random challenge of the first device encryted with 
a cipher and (2) the shared secret key and a random 
challenge of the second device encryted with the cipher. 

19. The method of claim 15, wherein the conducting of 50 
the full authentication phase occurs in the background while 
the content is being transferred over the encryted control 
channel. 

20. A computer program code stored in a computer- 
readable storage medium for execution by a comupter, 55 
comprising: 

a) a first program code to conduct a preliminary authen- 
tication phase to establish an encryted control channedl 
between the computer and a remote device; 

b) a second program code to temporarily transfer content 60 
over the encryted control channel from the computer; 
and 

c) a third program code to conduct a full authentication 
phase in the background while transferring the content 
over the encryted controll channel, the full authentica- 65 
tion phase being more robust than the preliminary 
authentication phase. 



21. The computer program code of claim 20, wherein 
third program code to conduct the full authentication phase 
comprises: 

code to transfer a first message from the computer; 
code to receiving a secon message by the computer, the 

second message including a message signature and a 

certificate, and to determine that the second message is 

valid and the certificate is valid; and 
code to calculate a key for maintaing the encryted control 

channel. 

22. The computer program code of claim 20, wherein the 
preliminary anthentication phase conducted by the first 
program code includes encryption and subsequent hashing 
operations on a first radom challenge by the first device and 
on a second random challenge by the second device and 
comparison of the hashed encrypted random challenges with 
expected values by both the first device and the second 
device. 

23. A computer program code stored in a computer- 
readable storage medium for execution by a computer, 
comprising: 

a) a first program code to conduct a preliminary authen- 
tication phase to establish an encryted control channel 
between the computer and a remote device, the first 
program code comprises 

code to exchange data by the computer with the remote 
device, 

code to encrypt the exchanged data and subsequently hash 

the encrypted data, 
code to exchange the encrypted, hashed data with the 

remote device, 
code to compare the exchanged encrypted, hashed data to 

expected values, and 
code to establish the encrypted control channel if the 

exchanged encrypted, hashed data matches the 

expected values; 

b) a second program code to temporarily transfer content 
over the encrypted control channel from the computer; 
and 

c) a third program code to conduct a full authentication 
phase in a background while transferring the content 
over the encrypted control channel, the full authenti- 
cation phase being more robust than the preliminary 
authentication phase. 

24. The computer program code of claim 23, wherein the 
code to encrypt the exchanged data performs encryption 
using a preliminary control channel key being a result of a 
shared secret key and a random challenge of the computer 
encrypted with a cipher. 

25. The computer program code of claim 23, wherein the 
code to encrypt the exchanged data performs encryption 
using a preliminary control channel key being a result of an 
Exclusive OR operation on (1) a shared secret key and a 
random challenge of the computer encrypted with a cipher 
and (2) the shared secret key and a random challenge of the 
remote device encrypted with the cipher. 

26. The computer program of claim 23, wherein the full 
authentication phase is conducted by the second program 
code in the background while the content is being trans- 
ferred over the encrypted control channel. 

27. A device comprising: 

a) means for conducting a preliminary authentication 
phase to establish an encrypted control channel to a 
remote device; 

b) means for temporarily transferring content over the 
encrypted control channel; and 
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c) means for conducting a full authentication phase in a 
background while transferring the content over the 
encrypted control channel, the full authentication phase 
being more robust than the preliminary authentication 
phase. 

28. The device of claim 27, wherein the means for 
conducting the preliminary authentication phase further 
encrypts and performs subsequeng hashing operations of 
random challenges provided by the first device and the 
second device. 

29. A device comprising: 

a) means for conducting a preliminary authentication 
phase to establish an encrypted control channel to a 
remote device, including (i) means for exchanging data 
with the remote device, (ii) means for encrypting the 
exchanged data and subsequently hashing the 
encrypted data, (iii) means for comparing the 
exchanged encrypted, hashed data to expected values, 
and (iv) means for establishing the encrypted control 
channel if the exchanged encrypted, hashed data 
matches the expected values; 

b) means for temporarily transferring content over the 
encrypted control channel; and 

c) means for conducting a full authentication phase in a 
background while transferring the content over the 
encrypted control channel, the full authentication phase 
being more robust than the preliminary authentication 
phase. 

30. The device of claim 29, wherein the exchanged data 
is encrypted with a preliminary control channel key being a 
result of a shared secret key and a random challenge of the 
first device encryptee with a cipher. 

31. The device of claim 29, wherein the exchanged data 
encrypted with a preliminary control channel key being a 
result of an Exclusive OR operation on (1) a shared secret 
key and a random challenge of the device encrypted with a 
cipher and (2) the shared secret key and a random challenge 
of remote device encrypte with the cipher. 

32. The device of claim 29, wherein the means for 
conducting the full authentication phase operates in the 
background while the content is being transferred over the 
encrypted control channel. 

33. A method comprising: 

a) conducting a preliminary authentication phase to pro- 
duce an encrypted control channel between a first 
device and a second device; 

b) transferring content over the encrypted control channel; 
and 

c) conducting a full authentication phase in the back- 
ground while transferring the content over the 
encrypted control channel, the full authentication phase 
being more robust than the preliminary authentication 
phase. 
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34. The method of claim 33, wherein the conducting of 
the preliminary authentication phase includes encryption 
and subsequent hashing of random challenges provided by 
the first device and the second device. 

35. A method comprising: 

a) conducting a preliminary authentication phase to pro- 
duce an encrypted control channel between a first 
device and a second device by (1) exchanging data 
between the first device and the second device, (2) 
encrypting the exchanged data and subsuquently hash- 
ing the encrypted data, (3) exchanging the encrypted, 
hashed data, (4) comparing the exchanged encrypted, 
hashed data to expected values, and (5) producing the 
encrypted control channel if the exchanged encrypted, 
hashed data matches the expected values; 

b) transferring content over the encrypted control channel; 
and 

c) conducting a full authentication phase in the back- 
ground while transferring the content over the 
encrypted control channel, the full authentication phase 
being more robust than the preliminary authentication 
phase. 

36. The method of claim 35, wherein conducting the full 
authentication phase comprises: 

transferring a first message from the first device; 
receiving a second message by the first device, the second 

message including a message signature and a certificate 
determining by the first device that the second message is 

valid; 

verifying by the first device that the certificate is valid; 
and 

calculating a key for maintaining the encrypted control 
channel. 

37. The method of claim 35, wherein the exchanged data 
is encrypted with a preliminary control channel key being a 
result of an Exclusive OR (XOR) operation on (1) a shared 
secret key and a random challenge of the first device 
encrypted with a cipher and (2) the shared secret key and a 
random challenge to the second device encrypted with the 
cipher. 

38. The method of claim 35, wherein the conducting of 
the full authentication phase operates in the background 
while the content is being transferred over the encrypted 
control channel. 

39. The method of claim 35, wherein the data includes 
random challenges. 

40. The method of claim 39, wherein the encrypted 
control channel is supported by a preliminary phase control 
key being a result produced by an Exclusive OR operation 
being conducted on an encrypted the random challenges 
provided by the first device and a second device. 
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